Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emc scaleio vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-8019
An issue exists in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote malicious user to send specifically crafted packets to stop ScaleIO services and cause a denial of service situation.
Emc Scaleio 2.0.1.0
Emc Scaleio 2.0.1.1
Emc Scaleio 2.0.1.2
Emc Scaleio 2.0.1.3
9.8
CVSSv3
CVE-2017-8020
An issue exists in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated malicious user to execute arbitrary commands with root privileges on an affected server.
Emc Scaleio 2.0.1.0
Emc Scaleio 2.0.1.2
Emc Scaleio 2.0.1.1
Emc Scaleio 2.0.1.3
8.8
CVSSv3
CVE-2016-9867
An issue exists in EMC ScaleIO versions prior to 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.
Emc Scaleio
5.5
CVSSv3
CVE-2016-9868
An issue exists in EMC ScaleIO versions prior to 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.
Emc Scaleio
5.5
CVSSv3
CVE-2016-9869
An issue exists in EMC ScaleIO versions prior to 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local malicious user to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable.
Emc Scaleio
7.5
CVSSv3
CVE-2018-1205
Dell EMC ScaleIO, versions before 2.5, do not properly handle some packet data in the MDM service. As a result, a remote attacker could potentially send specifically crafted packet data to the MDM service causing it to crash.
Dell Emc Scaleio
9.8
CVSSv3
CVE-2018-1237
Dell EMC ScaleIO versions before 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA). This component is deployed on every server in the ScaleIO cluster and is used for central management of ScaleIO nodes. A remote malicious...
Dell Emc Scaleio
7.5
CVSSv3
CVE-2018-1238
Dell EMC ScaleIO versions before 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). This component is used for central management of ScaleIO deployment and uses shell commands for certain actions. A remote malicious user, with network access to ...
Dell Emc Scaleio
8.4
CVSSv3
CVE-2017-8001
An issue exists in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access t...
Dell Emc Scaleio 2.0.1.0
Dell Emc Scaleio 2.0.1.1
Dell Emc Scaleio 2.0.1.2
Dell Emc Scaleio 2.0.1.3
6.5
CVSSv3
CVE-2020-10755
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with th...
Redhat Openstack-cinder
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started